An Abnormal Commitment to Security and Privacy

December 17, 2021

Customers place tremendous trust in Abnormal to protect them from the full spectrum of attacks when they provide us access to the email stored in Microsoft 365 or Google Workspace. To that end, we’re focused on protecting your data and building your trust. This post describes our latest product security enhancements and our relentless commitment to protecting customer data.

We diligently follow key privacy and data protection principles for data minimization and processing purpose limitations, and maintain security, integrity, and confidentiality to ensure customer data is appropriately protected in alignment with global privacy frameworks. We also use industry-standard software development lifecycle processes to ensure all production code is fully peer-reviewed and deployed via approved methods.

Refined Portal Session Timeout Security

As part of our December 2021 product security enhancements, we have changed the Abnormal portal session timeout logic to automatically sign out a user after 60 minutes of inactivity, with a maximum user session length of one day. If desired, each customer can request custom timeout intervals that better conform with their own security policies, such as setting the timeout value to 15 minutes. As a result, customers benefit from increased security measures and uninterrupted sessions.

It is recommended wherever possible to use multi-factor authentication (MFA) as one of the most effective deterrents for preventing account takeover attacks. We support Okta for both SSO and MFA.

Comprehensive Role-Based Access Controls (RBAC)

Our newly expanded role-based access controls functionality enables customers to restrict access to specific tenants and administrative functions based on the user’s assigned roles and permissions. The expansive range of roles combined with per-product permissioning ensures more control while maintaining usability and ease of use.

Restricting product access to users by role

Granular product permissions within the Abnormal portal.

The additional enterprise-grade granular permissions, particularly for obscuring message bodies and per tenant permissions, sets the foundation for granular permissioning and will support new product features added in the future.

Setting product access permissions by individual role

Individual role, per tenant, and per product permissions in the Abnormal portal.

This further enhances security, privacy, and compliance, proving extremely valuable for larger enterprise customers with users in different divisions, departments, or teams across diverse geographies.

Abnormal's Commitment to Security and Privacy

The protection of our customer’s data is of paramount importance. To demonstrate the design and effectiveness of our security controls within our environment, an independent third-party audit is conducted annually, and Abnormal maintains a SOC 2 Type 2 report due to this regular audit activity. Upon request, we can share security framework reports and security control responses with external entities under a non-disclosure agreement (NDA).

As of December 21, 2021, Abnormal adheres to the following privacy regulations and compliance certifications:

Compliance

Privacy Regulations

Amazing products and lasting partnerships are built on trust and transparency. Abnormal is committed to providing secure products that protect your data and build your trust.

Not yet an Abnormal customer? Request a demo today to learn how Abnormal can enhance your email security capabilities and provide visibility into email threats that other solutions miss.

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Posts

B 1500x1500 Modern Email Attacks Webinar Series L4 R2
Our Modern Email Attacks series has wrapped! Here are some of the biggest takeaways from Chris Krebs, Troy Hunt, and Theresa Payton.
Read More
B 1500x1500 Gartner Insights L1 R1
See our commitment to providing our customers with the best possible solution and support with these reviews from Gartner® Peer Insights™.
Read More
B 11 14 22 SPM Launch Blog Graphics
Security Posture Management gives organizations insight into cloud configuration risks and gaps across user and app privileges.
Read More
B 11 14 22 SPM Launch Blog 2
Cloud email platforms enable better collaboration, but they also create new entry points, making sensitive data more accessible to attackers.
Read More
B 1500x1500 Q3 Ransomeware L1 R2
This post explores the continuation of the sharp decline in ransomware attacks as well as a few other notable data points from Q3 2022.
Read More
B 10 05 22 Cloud Email Security Platform Essentials
Learn the 7 key capabilities a cloud email security platform should have in order to address and resolve common email security challenges.
Read More
B 11 07 22 Valimail
Discover the benefits of a modern, best-of-breed solution to email security with Abnormal Security and Valimail’s New Partnership.
Read More
B 11 07 22 Vision 23 Blog
Discover the latest trends in cybersecurity as we look toward the email threats of the future in partnership with SecureWorld.
Read More
B 1500x1500 Crimson Kingsnake L2 R1
Uncovering how threat group Crimson Kingsnake uses third-party impersonation tactics to swindle organizations across the world.
Read More